Diffie-Hellman is the cryptographic handshake that lets two parties agree on a secret key over an insecure channel, without ever sending the key itself.
Imagine Alice wants to talk securely to Bob. They’ve never met, and anyone listening can see their messages. Diffie-Hellman is their way of creating a shared secret password that only they know, even though an eavesdropper hears every single step of their conversation.
Here’s how it works, simplified:
First, Alice and Bob agree on two public numbers. Let’s call them p (a large prime number) and g (a generator, which is a number less than p). These numbers are not secret. Anyone can know them.
Alice: "Hey Bob, let's use p=23 and g=5 for our secret key."
Bob: "Sounds good, Alice!"
Now, Alice picks a secret number, say a=6. She calculates a public value: A = g^a mod p.
A = 5^6 mod 23 = 15625 mod 23 = 8.
Alice then sends A to Bob.
Alice: "My public value is 8."
At the same time, Bob picks his own secret number, say b=15. He calculates his public value: B = g^b mod p.
B = 5^15 mod 23 = 30517578125 mod 23 = 19.
Bob then sends B to Alice.
Bob: "My public value is 19."
Now, Alice has Bob’s public value B=19, and Bob has Alice’s public value A=8.
Alice takes Bob’s public value B and raises it to the power of her secret number a: s = B^a mod p.
s = 19^6 mod 23 = 47045881 mod 23 = 2.
Bob takes Alice’s public value A and raises it to the power of his secret number b: s = A^b mod p.
s = 8^15 mod 23 = 35184372088832 mod 23 = 2.
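Magic! They both arrive at the same secret number, s=2. This is their shared secret key. It works because both calculations produce the same value: (g^b)^a mod p and (g^a)^b mod p are both g^(ab) mod p.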
An eavesdropper, let’s call her Eve, saw p=23, g=5, A=8, and B=19. To find the secret key s, Eve would need to solve for a in 8 = 5^a mod 23 or for b in 19 = 5^b mod 23. This is the discrete logarithm problem, which is computationally infeasible for large numbers. With a toy prime like 23 she could simply try every exponent, which is why the numbers here are for illustration only.
This is the core idea: the mathematical difficulty of solving the discrete logarithm problem is what makes the exchange secure. Alice and Bob can compute the shared secret because each of them holds one of the private exponents (a or b), while Eve, with only the public values, cannot.
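The walkthrough above in Python, as an added example that is not part of the original article. It reproduces the exchange with p=23 and g=5, checks how many distinct values g can generate, and shows Eve recovering a by exhaustive search, which only succeeds because the prime is tiny. All function names are illustrative.

```python
# Added example: toy parameters from the walkthrough (p=23, g=5, a=6, b=15).
# Function names are illustrative, not taken from any library.

def public_value(g, x, p):
    """g^x mod p via three-argument pow (never builds the huge power)."""
    return pow(g, x, p)

def run_exchange(p, g, a, b):
    """Return (A, B, Alice's secret, Bob's secret) for private exponents a, b."""
    A = public_value(g, a, p)   # Alice -> Bob, visible to Eve
    B = public_value(g, b, p)   # Bob -> Alice, visible to Eve
    return A, B, pow(B, a, p), pow(A, b, p)

def element_order(g, p):
    """Smallest k >= 1 with g^k = 1 mod p, i.e. how many distinct public
    values g can generate. Assumes p is prime and g is not divisible by p."""
    k, v = 1, g % p
    while v != 1:
        v = v * g % p
        k += 1
    return k

def brute_force_dlog(g, target, p):
    """Eve's problem: find x with g^x = target mod p by trying every
    exponent. Cost grows with p, so this only finishes for toy primes."""
    v = 1
    for x in range(p - 1):
        if v == target:
            return x
        v = v * g % p
    return None

if __name__ == "__main__":
    p, g = 23, 5
    A, B, s_alice, s_bob = run_exchange(p, g, a=6, b=15)
    print(f"A={A} B={B} alice={s_alice} bob={s_bob}")
    print("order of g:", element_order(g, p))
    a_found = brute_force_dlog(g, A, p)
    print("Eve recovers a =", a_found, "and s =", pow(B, a_found, p))
```

The search loop runs at most p-1 times, so it is instant for p=23 and hopeless for a prime of the size used in practice.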
Diffie-Hellman isn’t just a theoretical exercise; it’s the foundation of TLS/SSL (the padlock in your browser), SSH (secure remote login), VPNs, and countless other secure communication protocols. When you visit a secure website, your browser and the server are likely performing a Diffie-Hellman exchange, or a variant of it, to establish a symmetric encryption key for the rest of your session.
The critical components you control are the choice of the prime p and the generator g. Larger primes and carefully chosen generators provide stronger security. For instance, in real-world applications, p is a prime number with hundreds or thousands of digits, making brute-force attacks on the discrete logarithm problem practically impossible. The generator g is often a small number like 2, 5, or 3, but its properties are important for the security of the specific prime p.
What most people don’t realize is that the Diffie-Hellman exchange itself doesn’t authenticate the parties involved. If Eve can impersonate Bob to Alice, and Alice to Bob, she can perform a "man-in-the-middle" attack. Alice and Bob think they’re talking to each other, but they’re both talking to Eve, who then relays messages and decrypts them using the separate keys she established with each of them. This is why Diffie-Hellman is almost always used in conjunction with digital signatures or certificates for authentication.
The next challenge is understanding how Diffie-Hellman is adapted in modern cryptography to resist specific attacks and improve efficiency.